40 Iso27001 Jobs

The Supplier Assurance Services (SAS) team at JPMCs Corporate Third Party Oversight (CTPO) program is dedicated to conducting thorough risk assessments of suppliers. As an integral part of Global Supplier Services (GSS), SAS plays a crucial role in enhancing the security posture of JPMCs supply chain in collaboration with JPMCs Cybersecurity and Technology functions. Reporting directly to JPMCs Global Head of Corporate Third Party Oversight, SAS focuses on designing and implementing controls and processes to mitigate risks effectively. In the role of Associate, Supplier Cybersecurity Controls within the Supplier Assurance Services team, you will be responsible for conducting technology and cybersecurity control assessments of supplier environments. Your primary tasks will involve reviewing infrastructure, application stacks, and other technologies to ensure compliance with JPMC Corporate Policies & Standards. Working closely with JPMCs Global Cybersecurity and Technology team and JPMCs Lines of Business (LOBs), you will address the latest cyber risks prevalent in the industry. As part of the SAS team, you will evaluate action plans and risk acceptances across business lines where technology standards compliance falls short. Your key responsibilities will include managing all aspects of the control assessment of suppliers, leading onsite/virtual assessments, identifying and addressing control breaks and vulnerabilities within suppliers IT environments, and suggesting process improvements for enhanced operational efficiency and supplier posture. Additionally, you will support internal education initiatives and share best practices with peers, colleagues, and third parties while escalating any critical issues associated with suppliers as necessary. To excel in this role, you should possess at least 5 years of experience in Technology, Technology Risk & Controls, Technology Audit, Cybersecurity, Application Security, Cloud Security (SaaS, PaaS & IaaS), Network Security, Cyber Resiliency, and Third Party Outsourcing Risk Management within a large enterprise-level environment. It is essential to have a solid understanding of industry risk frameworks such as ISO27001, NIST Cybersecurity Framework, and others. Strong written and verbal presentation skills at the senior management level, along with the ability to engage in constructive debates with senior decision-makers and provide necessary pushback when required, are crucial for success in this position. Preferred qualifications for this role include certifications such as CISSP, CISA, CISM, CCSP, or CRISC, which can further enhance your expertise in supplier cybersecurity controls and risk management.,

Design, Implement and maintain GRC framework and policies. Conduct risk assessments. Coordinate internal and external audits. Conduct root cause analysis and recommend corrective actions.

As a Database Designer / Senior Data Engineer at VE3, you will be responsible for architecting and designing modern, scalable data platforms on AWS and/or Azure, ensuring best practices for security, cost optimization, and performance. You will develop detailed data models and document data dictionaries and lineage to support data solutions. Additionally, you will build and optimize ETL/ELT pipelines using languages such as Python, SQL, Scala, and services like AWS Glue, Azure Data Factory, and open-source frameworks like Spark and Airflow. Collaboration is key in this role as you will work closely with data analysts, BI teams, and stakeholders to translate business requirements into data solutions and dashboards. You will also partner with DevOps/Cloud Ops to automate CI/CD for data code and infrastructure, ensuring governance, security, and compliance standards such as GDPR and ISO27001 are met. Monitoring, alerting, and data quality frameworks will be implemented to maintain data integrity. As a mentor, you will guide junior engineers and stay updated on emerging big data and streaming technologies to enhance our toolset. The ideal candidate should have a Bachelor's degree in Computer Science, Engineering, IT, or similar field with at least 3 years of hands-on experience in a Database Designer / Data Engineer role within a cloud environment. Technical skills required include expertise in SQL, proficiency in Python or Scala, and familiarity with cloud services like AWS (Glue, S3, Kinesis, RDS) or Azure (Data Factory, Data Lake Storage, SQL Database). Strong communication skills are essential, along with an analytical mindset to address performance bottlenecks and scaling challenges. A collaborative attitude in agile/scrum settings is highly valued. Nice to have qualifications include certifications in AWS or Azure data analytics, exposure to data science workflows, experience with containerized workloads, and familiarity with DataOps practices and tools. At VE3, we are committed to fostering a diverse and inclusive environment where every voice is heard, and every idea can contribute to tomorrow's breakthrough.,

As a part of Bounteous x Accolite, you will play a crucial role in driving the future faster for the world's most ambitious brands. Our range of services includes Strategy, Analytics, Digital Engineering, Cloud, Data & AI, Experience Design, and Marketing, all of which are guided by our proven methodology of collaborative partnership known as Co-Innovation. With a workforce of over 5000 employees spread across North America, APAC, and EMEA regions, along with strong partnerships with leading technology providers, Bounteous x Accolite focuses on leveraging advanced digital engineering, technology solutions, and data-driven digital experiences to deliver exceptional and efficient business impact for our clients. Your responsibilities related to Information Security will involve maintaining awareness on crucial security measures such as the acceptable use of information assets, malware protection, and password security. You will be expected to understand and report security risks that can impact the confidentiality, integrity, and availability of information assets, as well as have a grasp on how data is stored, processed, or transmitted from a data privacy and protection perspective. As a key member of our team, your role will include planning, developing, and implementing information security policies and procedures. You will actively contribute to developing the security strategy for the organization, conduct risk assessments for different business units, and maintain risk registers while ensuring the implementation of risk treatment plans. Compliance with data protection and privacy legislations, effective communication of information security goals, collaboration with information security champions, and investigation of security incidents will also be part of your responsibilities. Moreover, you will be involved in driving internal and external audits to successful outcomes, liaising with external agencies on matters related to information security and data privacy, and performing supplier security reviews as per organizational policies. Your role will also entail responding to security questionnaires from clients and reviewing information security-related clauses in agreements or addendums. To be eligible for this position, you are expected to hold a Bachelor's degree in Computer Science, Information Systems, or a related field, along with a minimum of 5 years of experience in Information Security. Having a solid understanding of security principles, technologies, and best practices, as well as relevant certifications or experience in frameworks like ISO27001:2022, will be advantageous. Additionally, experience in planning and conducting audits, developing security policies and procedures, and possessing strong communication and team management skills will be beneficial. At Bounteous x Accolite, we value diversity and encourage individuals with varying backgrounds and experiences to apply, as we believe that passion, intelligence, and technical skills are key attributes regardless of meeting 100% of the criteria. Furthermore, we offer opportunities for team members to engage in Team Member Networks, which provide spaces for individuals with shared identities, interests, and passions, fostering a sense of community within the organization. If you are looking to be part of a dynamic team that values innovation, collaboration, and diversity, we invite you to apply for this exciting opportunity at Bounteous x Accolite.,

As an Internal Auditor at Justdial Ltd in Bangalore, you will be responsible for projects in IT Advisory focusing on the assessment and evaluation of IT systems, along with the mitigation of IT-related business risks. Your role will involve IS audit, ITGC reviews, internal audit engagements, IT infrastructure review, and risk advisory, including supporting IT audit activities. Your responsibilities will include coordinating and managing statutory external audits for SOX (ITGC), providing management reports by collecting and analyzing audit information, conducting ISMS security awareness training programs within the organization, and supporting the Information Security Manager in managing and mitigating risk assessments. You will also be involved in implementing ISO 27001 controls across the organization, conducting risk assessments and gap analyses for ISO 27001/IT General Control, and performing internal audits for various business functions. Additionally, you will conduct data center audits as per ISO 27001 standards, develop and review information security policies and procedures, handle end-to-end ITGC statutory audit requirements, assist in the implementation of ISO 27001:2013 and managing the ISMS, and consult the organization on business continuity for critical functions. You will also be involved in implementing and consulting on PCI DSS SAQ A-EP certification. The ideal candidate for this role should have a bachelor's degree in engineering or BSc-IT, experience in performing IT audits of banking/financial sector applications, and knowledge of IT regulations, standards, and benchmarks used by the IT industry (e.g., NIST, PCI-DSS, ISO 27001). Technical knowledge of IT audit tools, experience in carrying out OS/DB/Network reviews, exposure to risk management and governance frameworks/systems, and proficiency in project management, communication, and presentation skills are essential. Being a team player with strong self-directed work habits, initiative, drive, creativity, maturity, self-assurance, and professionalism is crucial for success in this role. Preferred certifications include CISA, CISSP, ISO 27001 Lead Auditor/Implementer, and CISM. Proficiency with Microsoft Word, Excel, Visio, and other MS Office tools is also required.,

You are a detail-oriented and experienced IAM Governance manager who will be a valuable addition to our cybersecurity team. In this role, you will be responsible for governance, risk management, and compliance within the Identity and Access Management (IAM) domain. Your primary focus will be to ensure that our IAM processes and policies align with industry best practices and regulatory requirements. Your key responsibilities will include: - Ensuring that IAM processes comply with policies, industry standards, and regulatory requirements. - Developing and enforcing governance policies, procedures, and standards to enhance the IAM program. - Governing the onboarding of applications to the IAM solution by ensuring adequate security controls are in place for each integration, including role matrices, Role-Based Access Control (RBAC), and access recertification cycles. You will also be responsible for: - Governing and maintaining Role-Based Access Controls (RBAC) and Segregation of Duties (SoD) principles for internal applications and infrastructure. - Monitoring user access review cycles, including access certifications and privileged access management. - Reviewing Multi-Factor Authentication (MFA) and conditional policies for internal teams. - Managing the complete user lifecycle to identify access control gaps and implement necessary controls. Additionally, you will: - Design and maintain role definitions and role-based access control frameworks. - Conduct risk assessments related to identity and access management and mitigate potential security risks. - Collaborate with various departments to ensure smooth onboarding, role changes, and offboarding processes. - Provide support and guidance on IAM to business units and end-users. - Prepare and present IAM governance reports and metrics to senior management and document IAM policies, procedures, and compliance activities. To excel in this role, you should possess strong interpersonal, analytical, and technical skills, along with decision-making and prioritization abilities. A background in the banking environment with a solid understanding of key security frameworks such as ISO27001, PCI DSS, and NIST 800-63 is preferred. Additionally, you should have over 5 years of experience in managing enterprise projects and coordinating in an enterprise environment. Your commitment to continuous learning, driving security risk reduction, and aligning actions with business priorities will be crucial in ensuring the success of our IAM governance initiatives.,

As the TISO - Information Security Compliance VP at Deutsche Bank, you will be responsible for enforcing Information Security compliance within your area of responsibility in alignment with the CISO mandate and strategy, as well as the bank's risk appetite. You will serve as the expert and point of escalation for all IT security-related aspects of the IT assets under your purview. Your role will involve providing guidance on implementing technical control aspects, achieving compliance with Information Security controls, and ensuring proper handling of any relevant exceptions. Collaborating closely with the respective Chief BISOs, you will support the business divisions and COO IT counterparts in complying with Security Controls. You will work as a part of a cross-functional agile delivery team, bringing innovation to software development by utilizing the latest technologies and practices. Your focus will be on delivering business value through a collaborative and supportive environment, engaging in all stages of software delivery from initial analysis to production support. Key Responsibilities: - Aligning standards, frameworks, and security with overall business and technology strategy - Identifying and communicating current and emerging security threats - Creating solutions that balance business requirements with information and cyber security requirements - Deriving the IT Security strategy from the CISO strategy and translating it into an operational plan for delivery within your area of responsibility - Driving integration of Chief Information Security Office Initiatives and ensuring alignment with divisional portfolios - Managing IT audits and preparing remediation plans in cooperation with COO IT management - Partnering with key stakeholders to act as a mediator and subject matter expert on Information Technology Security topics Skills and Experience: - 8-12 years of experience in security considerations of cloud computing, identity and access management, and technical elements required for building security - Knowledge of ISO27001, COBIT, and Windows and UNIX environments - Exceptional communication skills, critical thinking, and analytical skills - Ability to present information security topics to senior committees and drive decision-making - Good understanding of Findings Management, Control Inventory, and Anti-Financial Crime Functions in Corporate Banking - Ability to lead, mentor, and influence in a complex multi-matrix organization Education/Certification: - Degree in Information Security or a comparable education At Deutsche Bank, you will receive training and development opportunities, coaching from experts in your team, and a culture of continuous learning to support your career progression. Join us in striving for a culture of empowerment, responsibility, commercial thinking, and collaboration as part of the Deutsche Bank Group, where we celebrate the successes of our people and promote a positive, fair, and inclusive work environment.,

As a Technology Risk and Control Analyst within the Infrastructure Platform Engineering (IPE) team at the London Stock Exchange Group (LSEG), you will play a crucial role in identifying, assessing, and mitigating operational, regulatory, and technology-related risks across the organization. Working under the Infrastructure and Cloud business division, your responsibilities will involve supporting the implementation and maintenance of risk and control frameworks, conducting control testing, and collaborating with various teams to ensure compliance with internal policies and external regulations. Your key responsibilities will include identifying and assessing operational, regulatory, and compliance risks within the IPE teams, supporting the Risk and Control Self-Assessment (RCA) process, designing and documenting effective control procedures in collaboration with Infrastructure and GRC teams, as well as conducting Design Effectiveness Testing (DET) and Operating Effectiveness Testing (OET) to evaluate control performance. Additionally, you will work closely with cross-functional teams across Operations, Risk, Compliance, and IT to embed robust risk management practices, provide guidance and training on risk and control frameworks, recommend continuous improvements to control processes and risk mitigation strategies, and monitor industry trends and regulatory developments to ensure the effectiveness of risk practices. To qualify for this role, you should hold a Bachelor's degree in engineering, Computer Science, or a related field, along with 8-12 years of hands-on experience in Operational risk management, internal controls, IT audit, or compliance. A strong understanding of IT Governance framework and familiarity with IT industry standards such as ISO27001 and COBIT is essential. Experience with control testing, audit practices, compliance assessments, cybersecurity principles, and enterprise IT environments will be beneficial. Professional certifications such as CISA, CRISC, CISM are preferred, while proficiency in data analysis, reporting tools, and project management software is required. Strong analytical, problem-solving, and communication skills, as well as the ability to work collaboratively and manage relationships with stakeholders at all levels, are key attributes for success in this role. As part of LSEG, a leading global financial markets infrastructure and data provider, you will be contributing to driving financial stability, empowering economies, and enabling sustainable growth. With a diverse and inclusive organizational culture, you will have the opportunity to bring your true self to work, contribute to a collaborative and creative environment, and help re-engineer the financial ecosystem to support and drive sustainable economic growth. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days, and wellbeing initiatives to ensure the well-being and development of its employees.,

Innovation is and will always be the core of SAP Fioneer, and it is the promise of why we were spun out of SAP: agility, innovation, and delivery. SAP Fioneer builds on a heritage of outstanding technology and a deep understanding of corporate and consumer demands. At the heart of it all it is simple: We bring financial services to the next level with innovative software solutions and platforms. We are helping companies in the financial services industry to achieve speed, scalability, and cost-efficiency through digital business innovation, cloud technology, and solutions that cover banking and insurance processes end-to-end. A global company, with rapid growth, innovative people, and a lean organization makes SAP Fioneer a place where you accelerate your future! About role: We are committed to safeguarding our digital assets and ensuring the highest level of security for our clients. As we continue to grow, we are seeking an experienced Senior Cyber Security Engineer to join our dynamic team. The ideal candidate will bring extensive expertise in managing and securing complex environments, with a focus on O365 Security Tools, zScaler, MS Sentinel, SIEM, and Azure Security. This role requires a comprehensive skill set in incident response, vulnerability management, data protection, and cloud security, enabling us to securely empower our development and product teams. The successful candidate will have a proven track record in implementing and overseeing security solutions that protect organizational assets and improve security posture. Responsibilities: Security Infrastructure: - Design, implement, and manage security solutions leveraging O365 Security Tools, zScaler, MS Sentinel, and SIEM in support of the Security Architecture of Fioneer. - Develop and maintain comprehensive security strategies for cloud and on-premises environments. Data Protection and Leakage Prevention: - Establish the DLP and DRM program at Fioneer beyond just the deployment of the technology, but also drive data protection processes into the business and the organization. - Implement and manage data protection and leakage prevention controls. - Develop and enforce policies to safeguard sensitive information and prevent data breaches. Insider Risk Management: - Implement and manage insider risk management programs. - Monitor and analyze user activities to identify and mitigate insider threats. Security Frameworks: - Ensure compliance with security frameworks such as SOC2 and ISO27001. - Contribute to the continuous improvement of security policies and procedures. Azure Security: - Provide expertise in Azure Security, including Infrastructure as Code (IaC), Privileged Identity Management (PIM), Identity and Access Management (IAM), and Kubernetes security. - Collaborate with cloud teams to ensure secure cloud environments. Qualifications: - Bachelor's degree in Computer Science, Information Security, or a related field. - Proven experience as a Cyber Security Engineer with expertise in O365 Security Tools, zScaler, MS Sentinel, SIEM, incident response, vulnerability management, and data protection. - Proven experience in creating business user focused communication guides to implement Data Protection Technologies. - In-depth knowledge of security frameworks, particularly SOC2 and ISO27001. - Extensive experience in Azure Security, including Infrastructure as Code, PIM, IAM, and Kubernetes security. - Certifications such as CISSP, CISM, or relevant Azure certifications are highly desirable. Requirements: - Minimum of 5 years of experience in security engineering or operations in an enterprise environment. - First-hand experience with programming languages required, development experience in any cloud environment is a plus. - Excellent communication and people-focused skills. - Eager to learn and improve your cloud application security skills. - Ideally, initial professional experience of DevSecOps in the cloud, secure cloud configuration, secure cloud operations, vulnerability management. - Fluent in English and open to other cultures and ideas. - A sense of humor. Benefits: You will have the opportunity to collaborate with some of the brightest minds in the industry on an incredibly ambitious project to shape the ever-evolving financial sector. This is an environment where you can have it all - the agility, enthusiasm and dynamism of a start-up, combined with the established expertise, solid market presence, and extensive customer network of a more established organization. At SAP Fioneer, you will benefit from a flexible work environment that encourages creativity and encourages you to think outside the box, bring new ideas to the table, and challenge the status quo. You will become part of a diverse and global team that we are proud of and are constantly growing and reinventing. As an employee, you will have the chance to chart your own career path and take advantage of competitive compensation packages and progression opportunities based on merit. We offer a comprehensive benefits package that includes occupational pension provisions, support for health and wellbeing, various mobility options like bike leasing and transportation allowances, as well as additional perks such as celebration rewards, meal programs, jubilee recognition, and relocation reimbursement.,

As a Technology Information Security Officer (TISO), your primary responsibility is to ensure effective and efficient communication, coordination, and implementation of CISO IT Security requirements and decisions. You will play a crucial role in guiding the ITAO team and addressing security considerations related to cloud computing, such as data breaches, broken authentication, hacking, account hijacking, and more. Your key responsibilities include aligning standards and security frameworks with the overall business and technology strategy, identifying and communicating emerging security threats, and creating solutions that balance business requirements with information and cyber security needs. You will also be responsible for training users in system implementation and deriving the IT Security strategy from the CISO strategy for operational delivery. In addition to driving the integration of CISO initiatives and ensuring compliance with security controls, you will be expected to be the recognized expert in DB Information Security Policies and procedures. Proactively managing IT audits, planning remediation activities, and spearheading independent reviews of IT Security Controls are also crucial aspects of your role. Your skills and experience should include a minimum of 14-20 years of experience in security considerations of cloud computing, identity and access management (IAM), ISO27001 specifications, COBIT, and working in Windows and UNIX environments. Knowledge of technical elements such as VB.NET, Java/J2EE, ColdFusion, API/web services, scripting languages, and relational database management systems like MS SQL Server or Oracle will be necessary for successfully building security into the organization. Overall, your role as a TISO will require you to be a proactive leader in ensuring information and cyber security within the organization, collaborating with key stakeholders, and driving the adoption of security solutions while maintaining compliance with security controls and regulations.,

Cybersecurity Engineer + Analyst (Hybrid Chandigarh / Mohali) Infinity Healthcare Solutions, LLC is expanding its cybersecurity operations and is actively seeking a highly skilled and motivated Cybersecurity Engineer + Analyst to join our team. This role is designed for professionals who bring both deep technical engineering expertise and analytical skills to secure enterprise infrastructure, identify vulnerabilities, and respond to evolving cyber threats. This position will work at the intersection of IT security architecture, incident response, risk management, and compliance operations to ensure the security and integrity of our organizations data and systems. Key Responsibilities: Security Operations & Monitoring: Monitor infrastructure, networks, and cloud environments using SIEM tools (e.g., Splunk, Microsoft Sentinel) Identify, investigate, and respond to real-time alerts and security incidents Analyze logs and network traffic to detect anomalies and unauthorized activities Perform deep-dive forensic analysis and root cause investigations on security events Incident Response & Threat Management Lead and execute end-to-end incident response processes including containment, eradication, and recovery Maintain incident response playbooks, runbooks, and documentation for various threat scenarios Collaborate with cross-functional teams to remediate vulnerabilities and improve incident readiness Stay up to date with the latest threats, vulnerabilities, zero-day exploits, and malware campaigns Security Engineering & Hardening Manage and configure endpoint protection, firewalls, IDS/IPS, and other security controls Assist in the secure deployment and configuration of cloud environments (AWS, Azure, GCP) Evaluate and implement security tools and automation for risk mitigation Apply industry best practices to harden systems and reduce attack surfaces Governance, Risk & Compliance Perform routine risk assessments, internal security audits, and gap analysis Ensure adherence to regulatory and compliance standards: ISO 27001, NIST, SOC 2, GDPR Support internal and external audits by preparing documentation and evidence Develop and maintain security policies, procedures, and technical documentation IAM & Access Controls Manage Identity and Access Management (IAM), including user provisioning, role-based access, MFA Enforce least privilege and zero-trust principles across all systems and environments Required Qualifications: Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field Minimum 3 years of hands-on experience in cybersecurity operations, security engineering, or threat analysis Proficient with SIEM, IDS/IPS, EDR, antivirus, and endpoint security platforms Solid understanding of network protocols, firewalls, routing, and segmentation Practical knowledge of security for cloud platforms (AWS, Azure, or GCP) Experience working with IAM, RBAC, MFA, VPNs, and secure access controls Strong documentation and reporting skills; ability to communicate technical issues clearly Preferred Skills & Tools: Familiarity with MITRE ATT&CK, CIS Controls, OWASP Top 10 Experience using tools such as Wireshark, Nmap, Nessus, CrowdStrike, Qualys Scripting or automation experience (e.g., PowerShell, Python, Bash) is a plus Familiarity with DevSecOps practices is desirable Preferred Certifications (Any): CEH Certified Ethical Hacker CompTIA Security+ CISSP Certified Information Systems Security Professional CISA, CISM, or other GIAC certifications Why Join Us: Opportunity to work in a security-first environment with global impact Collaborative, forward-thinking team culture Exposure to enterprise-grade cloud security architecture and compliance frameworks Career development.

Role Overview We are seeking a highly experienced CloudOps & InfoSecurity Lead/Manager to take ownership of our cloud infrastructure, security posture, and compliance initiatives. This role will be responsible for overseeing mission-critical CloudOps functions on AWS, leading InfoSec initiatives including VAPT, DR drills, and ISO27001/SOC 2 compliance, and ensuring smooth and secure technology operations across the organization. The role also involves liaising with Vendors to manage on prem infrastructure such as CCTV, SDWAN, UPS systems, Laptops etc, This is a hands-on leadership role that requires deep expertise in AWS infrastructure, DevOps pipelines, security frameworks, and experience collaborating with engineering, operations, and compliance teams. Key Responsibilities Cloud Operations (AWS) Manage and maintain core AWS services including: EKS (Kubernetes), EC2, RDS, S3, CloudWatch, Glue, Kinesis Own and optimize DevOps pipelines built on GitLab CI/CD. Implement cost-optimized, secure, and highly available cloud architectures. Ensure system monitoring, alerting, scaling, and backup strategies are effective and well-documented. Manage Disaster Recovery (DR) environments and conduct periodic DR drills. Information Security & Compliance Lead Vulnerability Assessment & Penetration Testing (VAPT) cycles and remediation efforts. Drive and maintain ISO27001 and SOC2 compliance: Work with external auditors and internal teams to ensure readiness. Own documentation, policy updates, and evidence collection. Implement and monitor security controls, incident management protocols, and regular access audits. Prepare and share weekly/monthly infosec and infra reports with leadership. Platform & SaaS Administration Oversee GCP Workspace (formerly G Suite) including Gmail, Drive, user provisioning, storage planning, and backup policies. Ensure data retention and security across productivity tools. Team & Vendor Collaboration Work with external vendors (e.g., for security testing, DR hosting, cloud services), Infra services Collaborate with engineering and QA teams for security reviews and infrastructure needs. Support procurement and vendor evaluation for infra and security tooling. Manage Vendors who manage on-prem infrastructure such as CCTV, SDWAN, UPS systems, Laptops etc and governance aspects related to regular reporting, auditing etc of IT infrastructure. Required Skills & Experience 8-10 years of experience in cloud infrastructure and information security domains. Proven expertise in AWS services like EKS, EC2, S3, CloudWatch, RDS, Kinesis, Glue, etc. Hands-on experience with DevOps pipelines (GitLab preferred). Strong understanding of infosec frameworks , compliance processes, and experience managing ISO27001 / SOC2 audits. Experience conducting and managing VAPT assessments and DR drills . Familiarity with Google Workspace (GCP) administration for email, storage, and access management. Strong communication and reporting skills with experience preparing stakeholder-ready documents. Experience managing or working with cross-functional teams and external vendors. Good to Have Certifications such as AWS Certified Solutions Architect , CISSP , CISM , or ISO27001 Lead Auditor . Exposure to container security , SAST/DAST tools , IAM best practices , and cloud cost optimization . Experience in a regulated domain such as Fintech/NBFC is a plus.

As a Technology Information Security Officer (TISO), your primary responsibility will be to ensure effective and efficient communication, coordination, and implementation of CISO IT Security requirements and decisions. You will play a crucial role in guiding the ITAO team. Your expertise will be instrumental in addressing security considerations related to cloud computing, such as data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss, and DoS attacks. Furthermore, you will be tasked with overseeing Identity and Access Management (IAM), which involves implementing a framework of security policies and technologies to restrict and monitor access to sensitive technology resources within the organization. Your familiarity with ISO27001 specifications and Control Objectives for Information and Related Technologies (COBIT) will be essential in defining and enforcing security policies and procedures that encompass legal, physical, and technical controls for managing organizational risks. In this role, you will be expected to align standards, frameworks, and security measures with the overarching business and technology strategies. It will be imperative for you to stay abreast of current and emerging security threats and devise solutions that strike a balance between business requirements and cybersecurity needs. Additionally, you will be responsible for training users on system implementation and conversion, ensuring that the IT Security strategy aligns with the CISO strategy, and translating this alignment into an operational plan for your area of responsibility. Your role will also involve integrating Chief Information Security Office initiatives, programs, and central solutions, ensuring compliance with security controls, and maintaining technical security documentation. You will act as an expert in DB Information Security Policies and procedures, manage IT audits, and collaborate with key stakeholders to address Information Technology Security risks effectively. For this position, we are seeking a candidate with 14-20 years of experience in security considerations related to cloud computing, IAM, VB.NET, Java/J2EE, ColdFusion, API/web services, scripting languages, RDBMS (e.g., MS SQL Server or Oracle), ISO27001, COBIT, and familiarity with Windows and UNIX environments. Your expertise in these areas will be vital for building and maintaining a secure IT environment and mitigating potential risks effectively.,

Control Testing in automated controls is must Roles and Responsibilities: In this role you are required to do analysis and solving of lower-complexity problems Your day to day interaction is with peers within Accenture before updating supervisors In this role you may have limited exposure with clients and/or Accenture management You will be given moderate level instruction on daily work tasks and detailed instructions on new assignments The decisions you make impact your own work and may impact the work of others You will be an individual contributor as a part of a team, with a focused scope of work Please note that this role may require you to work in rotational shifts

Key Responsibilities: Cybersecurity & SOC Operations: Monitor security alerts and events across IT and cloud infrastructure using SIEM tools. Investigate and respond to security incidents including phishing, malware, unauthorized access, etc. Develop and maintain incident response procedures and escalation protocols. Conduct threat intelligence and vulnerability assessments on-prem and in the cloud. Cloud Security: Implement and monitor cloud security best practices (AWS, Azure, GCP). Manage IAM (Identity and Access Management), encryption, security groups, and cloud firewall rules. Perform security assessments on cloud applications and infrastructure. Ensure compliance with shared responsibility models across different cloud service providers. GRC & Compliance: Develop, implement, and audit security policies based on frameworks like ISO 27001, NIST, SOC 2, and GDPR. Conduct risk assessments and internal audits to identify and address security gaps. Ensure cloud and on-prem infrastructure aligns with regulatory and client compliance requirements. IT Audits & Reporting: Prepare for and support external audits such as ISO 27001, SOC 2, and client-specific reviews. Document processes, create audit trails, and present risk mitigation plans. Maintain detailed records of audit findings and remediation actions. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. 2-5 years of experience in cybersecurity, cloud security, GRC, or IT audits. Working knowledge of major cloud platforms: AWS, Azure, or GCP. Experience with SIEM tools (e.g., Splunk, QRadar, Microsoft Sentinel) and endpoint security solutions. Understanding of cloud compliance standards: ISO 27017, CSA, CIS Benchmarks. Familiar with GRC platforms such as RSA Archer, ServiceNow GRC, etc. Strong documentation, reporting, and communication skills.

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As part of our EY- Technology Risk team, you'll contribute technically to IT Risk and Assurance client engagements and internal projects. An important part of your role will be to actively establish, maintain, and strengthen internal and external relationships. You'll also identify potential business opportunities for Ernst & Young within existing engagements and escalate these as appropriate. Similarly, you'll anticipate and identify risks within engagements and share any issues with members of the team. We're looking for a Manager to join the leadership group of our EY- Technology Risk Team. This is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities are to: - Evaluate a portfolio of controls for design effectiveness, operating effectiveness, and/or risk management outcomes, raising issues as appropriate. - Ensure that assigned control assessments are accurate, effective, abide by policy, procedures, and templates, and meet quality control requirements and are delivered on time, in accordance with the assessment plan. - Test and supervise the delivery of assigned controls not limited to ITGC and ITAC but System Architecture, Operating Systems, Databases, Networks, Security Systems, Cloud Services, Asset Inventories, Incident Management, Recovery Management, ISO27001 & NIST assessment, Privacy Assessment, Cyber Maturity Assessment, IT Policies and Standards Assessment, and Software Development Lifecycle (SDLC); using experience and knowledge to intervene and redirect testing as required, resolving, or redirecting escalations as required. - Manage control owners and other stakeholders, ensuring the success of each assigned review, minimizing contention where possible and requesting support where deemed necessary. - Apply judgment and risk management concepts to identify, formulate findings, and provide valuable insights to the clients to improve processes and manage risks to achieving operational and strategic goals. - Review IT Policies and Standards and ensure that they are as per the different industry standard. - Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects. - Stay current with and promote awareness of applicable regulatory standards, upstream risks, and industry best practices across the enterprise. - Control frameworks such as COSO, internal control principles, and related regulations including SOX and J-SOX. - Familiar with IT industry frameworks such as ISO27001, NIST, PCI-DSS, SOX, FDA, HIPAA: Privacy, HIPAA: Security, and HITECH Act. - Third-party reporting standards (particularly SSAE16), other reporting and industry-specific standards, and, if applicable, trust-based standards such as SysTrust and WebTrust. Skills and attributes for success: - Provide guidance and share knowledge with team members and participate in performing procedures especially focusing on complex, judgmental, and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement. - Experience in conducting information security assessments including business continuity plan audits, network security audits, and infrastructure audits. - Perform NIST assessments, ISO assessments, and privacy impact audits, Data Privacy and GDPR implementation, experience in developing Data inventory and Third-Party Risk Assessment. - Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations. - Bring and utilize extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. - Understand EY and its service lines and actively assess what the firm can deliver to serve clients. To qualify for the role, you must have a Graduate (CS/IT, Electronics, Electronics & Telecommunications)/MBA/M.Sc. with at least 6 years of experience. Bring your significant experience in applying relevant technical knowledge in at least one of the following engagements: (a) ISO assessments, (b) NIST assessments, (c) Data privacy audits, (d) Network and Infrastructure audits, (e) Cyber Maturity Assessment, (f) IT Policies and Standards Assessment, (g) IAM and IT Asset Management, (h) IT Health Check. Ideally, you'll also have a robust understanding of program and project management practices and familiarity with a typical IT systems development life cycle. What we look for: A team of people with commercial acumen, technical experience, and enthusiasm to learn new things in this fast-moving environment. Opportunities to work with EY technology risk practices globally with leading businesses across a range of industries. What working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer support, coaching, and feedback from some of the most engaging colleagues around, opportunities to develop new skills and progress your career, and the freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

As an Information Security Analyst at Lionbridge, you will collaborate with the security and privacy team to establish and enhance information security and privacy management processes. Your responsibilities will involve working across various departments within the organization to conduct regular audits and reviews to ensure compliance with industry standards and regulations. You will oversee monthly and quarterly audits with business teams to assess security controls, ensuring they align with required standards, regulations, and customer specifications. Additionally, you will assist in gathering evidence for security compliance reviews and customer audits, while also contributing to the development of company-wide best practices based on audit outcomes. Proactively identifying and addressing information security risks within the organization will be a key aspect of your role. By utilizing the Lionbridge Risk Management Framework, you will evaluate events and processes for compliance with laws, regulations, and standards. Staying updated on emerging legislation and security technologies will also be essential in this position. To excel in this role, you should possess strong written and verbal communication skills in English, along with a basic understanding of internet technologies, operating systems, and networking concepts. A high level of motivation, attention to detail, and investigative skills are crucial attributes. A Bachelor's Degree in IT or a related field is required. While experience in Information Security Governance, Compliance, or Risk Management is preferred, it is not mandatory. Relevant security certifications such as ISO27001, CEH, and knowledge of industry trends and technologies are advantageous. In return, you can expect support from peers, access to cutting-edge technology, and leadership backing for your initiatives. Lionbridge is a global organization that empowers leading brands to expand their international reach and enhance customer engagement. If you are intrigued by the responsibilities and opportunities presented by this role, we encourage you to apply and be part of our dynamic team.,

As a Cyber Assurance Assistant Vice President (AVP) at Barclays in Pune, you will play a crucial role in partnering with the bank to provide independent assurance on control processes and offer advice on enhancements to ensure the efficiency and effectiveness of the bank's internal controls framework. Your responsibilities will include collaborating across the bank to maintain a robust control environment by conducting ad-hoc assessments and testing the design and operational effectiveness of internal controls aligned with the bank's policies and standards. You will develop detailed test plans and procedures to identify weaknesses in internal controls and other initiatives within the bank's control framework to mitigate potential risks and issues that could disrupt bank operations, lead to losses, or impact reputation. In this role, you will communicate key findings and observations to relevant stakeholders and business units to enhance overall control efficiency and provide corrective actions to senior managers. You will work closely with other control professionals to address complex issues and ensure consistent testing methodologies across the bank. Additionally, you will establish a knowledge center containing detailed documentation of control assessments, testing results, findings, and distribute material on internal controls to train and upskill colleagues within the bank. As an Assistant Vice President, you are expected to advise and influence decision making, contribute to policy development, and take responsibility for operational effectiveness. You will lead a team in performing complex tasks, set objectives, coach employees, appraise performance, and determine reward outcomes. If the position involves leadership responsibilities, you will demonstrate a clear set of leadership behaviors to create an environment for colleagues to excel. Your role may involve collaborating on assignments, guiding team members, identifying new directions for projects, and consulting on complex issues. You will identify ways to mitigate risks, develop new policies and procedures to support the control and governance agenda, and take ownership of managing risk and strengthening controls related to your work. Furthermore, you will engage in complex data analysis, communicate complex information effectively, and influence stakeholders to achieve desired outcomes. It is essential for all colleagues to uphold the Barclays Values of Respect, Integrity, Service, Excellence, and Stewardship, as well as demonstrate the Barclays Mindset of Empower, Challenge, and Drive in their behavior.,

As a Cloud Architect - AVP, you will be instrumental in defining and executing our AWS cloud strategy to ensure the effective deployment and administration of AWS cloud solutions. Your role will involve leading a team of AWS cloud engineers and architects, collaborating with diverse stakeholders, and utilizing your extensive expertise to promote AWS cloud adoption and innovation throughout the organization. Your primary responsibilities will include formulating and executing the company's AWS cloud strategy in alignment with business objectives, overseeing the design, architecture, and deployment of AWS cloud solutions with a focus on scalability, security, and reliability, collaborating with various teams to seamlessly integrate AWS services, evaluating and selecting appropriate AWS services and technologies, managing the migration of on-premises applications and infrastructure to AWS, establishing and enforcing AWS cloud governance, security policies, and best practices, providing technical leadership and guidance to the AWS cloud team to promote innovation and continuous enhancement, staying abreast of the latest AWS technologies and industry trends to incorporate relevant advancements into the AWS cloud strategy, and effectively communicating AWS cloud strategy, progress, and challenges to senior leadership and stakeholders. To qualify for this role, you should possess a Bachelor's or Master's degree in computer science, Information Technology, or a related field, along with a minimum of 15 years of IT experience, with at least 10 years dedicated to cloud architecture and implementation, particularly with AWS. Additionally, you should have experience with AWS cloud services SOC 2, ITIL, PCI-DSS, SAE16, ISO27001, Cobit, and/or HiTrust, cloud-native architectures, leading large-scale AWS cloud transformation projects, AWS cloud security, governance, and compliance, infrastructure as code (IaC) and automation tools such as AWS CloudFormation and Terraform, networking, storage, databases, and application development in AWS, exceptional problem-solving abilities, innovative design skills for AWS cloud solutions, strong leadership and communication capabilities, and a track record of managing and mentoring teams effectively. Preferred qualifications include being an AWS Certified Solutions Architect - Professional, experience with multi-cloud and hybrid cloud environments, familiarity with DevOps practices and tools like AWS CodePipeline and Jenkins, and knowledge of emerging technologies such as AI, ML, and IoT in relation to AWS cloud computing.,

Job Description: Azure AD & MS SQL Server Administrator Experience: 10 to 12 Years Location: Faridabad, Haryana, India Job Summary/Objective: Set up & Maintain Azure Hybrid Cloud Core Infrastructure Install, maintain & upgrade MS SQL Server Database on Azure Cloud in a Secure, HA & DR Environment Qualifications: BE/MCA 10th Standard, 12th standard & Graduation/Post Graduation marks should be 60% or more. Skills: Azure Cloud Administration Active Directory (AD), ADFS Administration Azure Devops CI/CD Pipelines Security setup Skill MS SQL Server Administration Window Server Administration, Proficient PowerShell Scripting /.NET Programming Knowledge of Project Management Documentation Artifacts for SDLC & Change Management Good Document writing Skill on Microsoft Excel & PowerPoint Preparation Programming Experience in .NETEnvironment (Nice to Have) Work Experinece on Azure Security Centre, Azure Defender, and Azure Sentinel (nice to Have) Experience on Hyper-V Admin, Backup Tools (Nice to Have) Work Experience in ISO27001/SOC2/GDPR Compliant Organization(Nice to Have) Certifications: Exam AZ-800: Administering Windows Server Hybrid Core Infrastructure Exam AZ-801: Configuring Windows Server Hybrid Advanced Services SC-300: Microsoft Identity and Access Administrator Microsoft Certified: Azure Database Administrator Associate (DP-300) MCDBA/Microsoft Certified IT Professional (MCITP) Database certification Experience: Relevant 8-10 Years Personal attributes: Good Communication skills specially written, Excel and PowerPoint Preparation Team Leader, Effectively articulation of ideas, convey information. Addresses customer inquiries or issues promptly & professionally. Clear and concise communication is essential for understanding requirements & expectations. Work Environment: 5 Days in-office working, Posting at Faridabad/Greater Noida, May have to travel Chennai & Overseas

Position Overview Job Title - Divisional Risk & Control Specialist CB, VP Location Mumbai, India Role Description CB Divisional CISO (D-CISO) Office The Divisional CISO has the ultimate responsibility for the operational aspects of ensuring compliance to Deutsche Banks Information Security Principles. The Divisional CISO Office supports the Div. CISO in this task. In this role the candidate will assist all of our business divisions by evaluating and mitigating information security risks in order to meet both audit and regulatory requirements. What Well Offer You As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your Key Responsibilities Information Security Officer (ISO) The ISO is a manager aligned to an application (Application ISO) both together hereafter referred to as area of responsibility. The ISO has the responsibility for ensuring the compliance with the Group Information Security requirements in their area of responsibility. Key responsibilities comprise but not limited to: ISO: Understand and analyze business setting from an information security perspective Perform risk assessments on complex applications, vendors, processes and projects from an information security perspective Identify security gaps, evaluate options for remediation, define and implement check points and compensating controls. Provide sufficient information related to the business context, information sensitivity and nature of usage of an application, including identification and implementation of controls for identified Information Security risks in their area of responsibility To cooperate with the D-ISO / D-CISO to address requests for policy interpretation, guidance and advice, to ensure creation of divisional policies in accordance with the IS Policy Governance and to support policy authors by raising questions to the policy advisory team Present assessments results and options to the business and discuss steps for resolution. Initiate and track risk acceptance process if required. Analyze and redesign access management processes (request and approval). Define and implement Segregation of Duties rules (details outlined below) Identifying applications and roles which allow access to PSI and assess appropriateness of access controls. Review of roles and application role concepts. Support on inquiries from internal and External Audit, regulators and clients. Advisory and support projects on information security questions. Advisory vendor relationships. Interact with and educate the business on information security risks and controls and handling sensitive data. Assist in assessing and determining appropriate controls on unstructured data hosted on internal and external data rooms. Conduct information security awareness sessions for stakeholders in CB. Assist in designing and implementing control framework for third party applications. Analyze the root cause for delays or incorrect processing and propose sustainable solutions Generate MIS for multiple IS topics and to assist senior management identify risks Support the wider D-CISO office where required including any adhoc analysis and presentations The Segregation of Duties (SoD) Manager acts as the single point of contact for the Divisions or Functions or other stakeholders with regard to any SoD related questions or issues in their area of responsibility. Key responsibilities of the SoD Manager comprise: To design and implement SoD Rules (for applications) in close collaboration with the ISO as well as other SoD Managers or stakeholders who may be affected by these rules. This includes the regular review of these rules and any necessary amendments To assess and remediate any SoD violations detected within their area of responsibility by either revoking inappropriate access or ensuring adequate compensating controls or exception handling procedures To assess the impact of inappropriate access on business operations and identify if there are indications for improper use of this access To act as the single point of contact for the Divisions or Functions or other stakeholders with regard to any SoD related questions or issues in their area of responsibility Liaise and coordinate with Central SoD Governance team and attend SoD forums Special Projects support on ongoing remediation projects. Your Skills And Experience Skills Profile: Experience as IT and/or IS analyst ideally in a Corporate Banking environment Proficiency in Microsoft Office applications (Excel, PowerPoint, Word, etc.) Excellent communication skills in English (verbal and written) with ability to articulate / engage with Senior management stakeholders (a must) Strong analytical skills and ability to transform complex issues into efficient solutions Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs Management Skills: Strong operational and people management skills, including the ability to operate within a diverse team. Excellent partnering skills and stakeholder management. The ability to successfully navigate a complex organisation, build strong relationships and work collaboratively with business and management teams and with other control functions. Comprehensive management / leadership skills, including the ability to motivate teams through demonstrable commitment to CB and DBs success. Experience/qualifications: Good university graduate or post-graduate degree with Information Security, Risk Management and Governance Prior experience in a risk environment (e.g. in BISO, ORM, Audit, Data Privacy) Good understanding of major business and operational risk processes. Certifications such as ISO27001-LA/LI, CISM, CISSP etc. Experience in banking industry with a strong sense of accountability and integrity Advanced presentation/interactive skills sufficient to convey complex conceptual information/ideas on issues requiring interpretation and opinion. Desire to work in a fast paced, challenging multi-cultural environment and with ability to work in a global team Self-motivated, critical thinking and good understanding of major business and risk processes How Well Support You Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs About Us And Our Teams Please visit our company website for further information: https://www.db.com/company/company.htm We strive for a culture in which we are empowered to excel together every day. This includes acting responsibly, thinking commercially, taking initiative and working collaboratively. Together we share and celebrate the successes of our people. Together we are Deutsche Bank Group. We welcome applications from all people and promote a positive, fair and inclusive work environment.,

KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Role detail 4 to 8 years of experience in vendor/ supplier/ third party risk assessment Expertise in IT internal audit, Information Security/cybersecurity, IT SOX, Third Part Risk Assessment Reporting e.g., SOC1, SOC 2. Relevant expertise on CSA STAR requirements, ISO control, NIST Standards, PCI DSS and GDPR requirements. Experience in performing control testing, IT / infosec risk assessments. Knowledge of technical domains such as cloud security and application security. Certification: CISA, CISSP, CEH, ISO, PCI DSS, NIST.

Technical Strong experience in review of guideline defined, conducting regulatory assessments for BFSI (E.g. RBI, SEBI, IRDAI). Global guidelines knowledge which includes NIST, ISO27001, PCI-DSS, COBIT, etc. Assisting in remediating gaps on the defined guidelines for the client. Performing System Audit and conducting technology landscape review. Having worked on Information Technology Risk Assessment areas such as NIST, ISO27001, PCI-DSS, COBIT, etc. Experience of handling IT audits and reviews. Good understanding on technology topics related to cyber security, encryption, architecture resiliency , business continuity, disaster recovery, IT Governance, Third party outsourcing risk and information security/technology risk. Certification - CISA, CISSP, ISO27001 Soft Skills Good presentation and report writing skills is mandatory. Excellent communication skills and confident demeanor Experience of working with client stakeholders Good problem-solving skills.

Open Source COE Security Architect This role has been designed as Onsite with an expectation that you will primarily work from an HPE partner/customer office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in todays complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: HPE Operations is our innovative IT services organization. It provides the expertise to advise, integrate, and accelerate our customers’ outcomes from their digital transformation. Our teams collaborate to transform insight into innovation. In today’s fast paced, hybrid IT world, being at business speed means overcoming IT complexity to match the speed of actions to the speed of opportunities. Deploy the right technology to respond quickly to market possibilities. Join us and redefine what’s next for you. What you will do: Expert in IT/Cyber Security field. Should be CISSP/CISM/CCSP and CCSK and ISO27001 Certification are desired. Should have good knowledge of security assessment against different global Frameworks like NIST, MITRE and cloud security alliance etc. Should have good understanding of Compliance and regulatory requirements. Working with information security and DevSecOps teams in a CI/CD environment as well as comprehensive understanding of cloud security systems. Programming experience in C/C++, Python, JavaScript, Bash & PowerShell Scripting is desired. Hands-on expertise, Linux, Kernel, threads, processes, API etc. is desired. Provide Security Vision & Strategy to the Organization, strategic direction, development, and implementation of information security programs and projects to address risks relevant to the attainment of organizational strategic security goals based on open source tool/framework. Experience in advising leadership team regarding evolving of open source Security Technology landscape, product issues, security mitigations for identified risks and possible improvements Expertise in providing executive roadmaps for continual improvement in teams, technology, and processes, process across various security & DevSecOps teams based on open source tool/framework. Experienced in Information Security Risk Management, gap analysis, Audits. Hands-on Experience in formulating Cyber Security Policies, design and implementation of Security Technologies, DevSecOps. Working Knowledge in implementation of Cyber Security Solution in Open Source, Open Stack environment. Ability to provide strategies to increase the ability to withstand cyber-attacks, as measured by annual sophisticated attack simulations. Experience in upgrading, troubleshooting and tuning of Cyber Security Solutions. Thorough understanding and good knowledge of latest Cyber Security technologies, security Architectures, vulnerabilities, security threats. Ability to setup PoC for latest open source security solutions. Good understanding of Open-Source Technologies, Cloud security technologies. What you need to bring: BE/B.Tech with 10+ years of experience in the IT industry and 6+ years of experience in Information Security / Cyber Security field. Expert-level knowledge in the IT/Cyber Security field, with a thorough understanding of the latest security technologies, architectures, vulnerabilities, and threats. Desired certifications include CISSP, CISM, CCSP, CCSK, or ISO 27001. Strong knowledge of global security assessment frameworks like NIST, MITRE, and the Cloud Security Alliance (CSA). A deep understanding of compliance and various industry regulatory requirements. Proven experience in developing security vision, strategy, and executive roadmaps for an organization based on open-source tools. Hands-on experience in Information Security Risk Management, conducting gap analysis, managing audits, and formulating Cyber Security Policies. Comprehensive understanding of cloud security systems and working with DevSecOps teams in a CI/CD environment. Working knowledge of implementing, upgrading, troubleshooting, and tuning Cyber Security Solutions, particularly in Open Source and OpenStack environments. Desired programming and scripting experience in C/C++, Python, JavaScript, Bash, and PowerShell. Hands-on expertise with the Linux operating system, including its Kernel, threads, processes, and APIs. Experience advising leadership teams regarding the evolving security landscape, product issues, and risk mitigation strategies. Ability to provide strategies to withstand sophisticated cyber-attacks and experience with annual attack simulations. Proven ability to set up Proof of Concepts (PoCs) for new and emerging open-source security solutions. Additional Skills: Accountability, Accountability, Active Learning (Inactive), Active Listening, Bias, Business Growth, Client Expectations Management, Coaching, Creativity, Critical Thinking, Cross-Functional Teamwork, Customer Centric Solutions, Customer Relationship Management (CRM), Design Thinking, Empathy, Follow-Through, Growth Mindset, Information Technology (IT) Infrastructure, Infrastructure as a Service (IaaS), Intellectual Curiosity (Inactive), Long Term Planning, Managing Ambiguity, Process Improvements, Product Services, Relationship Building {+ 5 more} What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #operations Job: Services Job Level: TCP_04 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

Roles and Responsibilities Ensure compliance with ISO 27001 standards by implementing and maintaining an Information Security Management System (ISMS). Conduct IT audits to identify vulnerabilities and provide recommendations for improvement. Develop and implement policies, procedures, and controls to ensure data privacy and protection. Collaborate with cross-functional teams to integrate security into business operations. Provide training on ISMS best practices to employees. Desired Candidate Profile 6-11 years of experience in IT Compliance or related field. B.Tech/B.E. degree in Any Specialization. Strong knowledge of SOC, SOX, IT Audit, ISO27001 standards.